I have the green onion icon in the bottom right and I can open the Vidalia Control Panel, which tells me I am connected to the Tor network. But surfing the web is nothing like when I used Tor in Ubuntu. How do I now surf with Abrowser in a way that guarantees me the Tor protection?
Thanks!

On Fri, Nov 2, 2012 at 6:01 PM, <name at domain> wrote:
> Wow, this worked like magic, thank you very much! I wish the Tor site had
> this instruction in their directions for GNU/Linux installations so I
> wouldn't have to bother you.
> Thanks again!

Tor is a very sensitive package and AFAIK it's not updated very often
in the package repositories of any GNU/Linux distribution.

The tor browser bundle works very well provided that you want to use
tor only for web browsing. If you want to route other programs through
tor (e.g. wget, curl, pidgin) you may need to hack a bit.

The tor browser bundle is updated fairly frequently and it will tell
you whenever a new update is available. However, they don't ship with
the latest version of their rebranded Firefox so you may still be
vulnerable to Firefox bugs (same thing for Trisquel's abrowser).

Also, I'd advise you to purge the previous installation of tor with

sudo apt-get purge tor

One last thing, it seems that you have some unused packages (see the
output of your apt-get). You can run apt-get autoremove to get rid of
them.

The error message means another application is "locking" some directories used by the package manager. Maybe, Synaptic is running. Or the update manager. Or apt-get/aptitude in another terminal. Just close this other applications and execute this command again:$ sudo apt-get autoremove

> Thank you Stefano! I run both commands. For the 2nd however, I got this:
>
> apt-get autoremove
> E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
> E: Unable to lock the administration directory (/var/lib/dpkg/), are you
> root?

Hi,

you should run the command with 'sudo' that allows you to execute the
command as another user, in this case, root. Sorry, I was not clear in my
previous email).

So, the correct command would be

sudo apt-get autoremove

as magicbanana already said.

Best,

--
Stefano

Fortune of the day: "Alimony and bribes will engage a large share of your
wealth."

I wouldn't trust this "Tor network" as an effective tool to protect one's privacy.

Tor has been developed by the US government. And is still supported by it, to this day.

"Originally sponsored by the US Naval Research Laboratory,[8] Tor was financially supported by the Electronic Frontier Foundation from 2004 to 2005.[10] Tor software is now developed by the Tor Project, which has been a 501(c)(3) research/education nonprofit organization[11] based in the United States of America[1] since December 2006 and receives a diverse base of financial support;[10] the U.S. State Department, the Broadcasting Board of Governors, and the National Science Foundation are major contributors.[12]" --- Wikipedia

This is the same entity that has an interest in spying - and is known to spy - on people.

If I were the US government, knowing that people would want to create and use this kind of networks to protect their privacy, I would develop one, in advance, that would be easily hacked - and, therefore, not effective - publicize it a lot and convince those same people to use it.

This was never a secret. If the NSA wants to hide something in software to gain access to peoples machines they wouldn't put it here. It just doesn't make sense. It is some of the most scrutinized code around. There are dozens of educational institutions, security experts, crypto people, and others who keep an eye on it. The development model allows for it. The code is not developed in secret and later released under a free license. It is a completely open process that all can participate in.

If your concerned then you better not use Truecrypt, LibreOffice, or X. I'd imagine the majority of code on your system started out its development in secret. There were no third parties scrutinizing every little update.

The weaknesses in Tor are known too. It's a low latency network. Compromises had to be made in order to achieve that. This is also no secret and there is even a big fat warning that the software should not be relied upon. There is a stable release though so you have to take it with a grain of salt.

Besides the Electronic Frontier foundations having had supported it for years the developers are also extremely well know and careful with releases. They know people are using it despite the warnings. The one developer I believe even got hassled by the TSA as he was involved with or communicated with wikileaks. This project has lots of good karma in the free software community. While I have not analyzed the code I can say that there are no leaks for which I have found when properly setup.

It is not recommended to use Tor in and of itself. Using the Torbrowser is a better bet. Using Torbrowser instead of Tor increases the possible set of users. It also ensures that you don't become a victim of potential vulnerabilities. For instance Adobe Flash is not included and Javascript is disabled (I believe, or at least some scripting is). There are lots of other changes made.

I didn't say anything about hidden code in the Tor network. I know it's an open source project. What I said is that it's a network know not to be safe - as it is explained in the last link I left. Unlike a lot of people working for the US government, I'm not a computer security expert. So, even if I try, I can never totally comprehend how secure this network is or is not.

(How do I even know if all the servers used in this network truly do what they claim to be doing and if some of them are not just faking it, for example? Also, as far as I know, the known flaws that have been, so far, discovered in this network are just that - what is publicly know. And if that is what a few groups, with a very limited funding, are capable of discovering, I wonder what the US government - who invented the Internet itself, and a whole lot of things, with its trillions of dollars, supercomputers and armies of hackers at its disposal - is capable of.)

You can all trust who you want... I'm just giving my opinion. And, being more specific, I just personally don't trust a government who invades and bombs foreign countries, tortures people, has concentration camps, kills its own citizens with no legal process whatsoever, is, and continues to be, responsible for the deaths of millions of people worldwide and that is turning its society into a truly police state...

The US government doesn't want to protect people's privacy. Quite the opposite. And it doesn't make any sense that it would help to develop a truly secure network, as this one claims to be. Why would the US government help people to protect themselves against itself? I doesn't add up. (And if that's not the objective, then what is it, here?)

Concerning the EFF...

It's one of many fake foundations that are actually working for the powers-that-be. And it is, obviously, no accident that it collaborates with the US government in the development of this network. It's financed by the same economic interests who control the US government. And I can easily get their own reports who prove it. But one would have to know "who's who" of the political and economical elite in order to know what I'm talking about.

I know who's the person you're talking about, when you mention an episode with the TSA. It's one of the hackers who participated in this debate. The TSA episode doesn't prove anything. Intelligence operations are all about deception. And the episode you talk about could just be theatre, in order to convince people he's something he's not.

> What I said is that it's a network know not to be safe - as it is explained
> in the last link I left. Unlike a lot of people working for the US
> government, I'm not a computer security expert. So, even if I try, I can
> never totally comprehend how secure this network is or is not.

Please,

can we leave this thread as a purely technical one, that - by the way - has been
solved?

Feel free to start a new thread if you are concerned about the use of the Tor
network. Also, I think this has been already discussed in the forums.

Thank you,

--
Stefano

Fortune of the day: "Cheer Up! Things are getting worse at a slower rate."